A poorly or carelessly administered aliases file can easily be used to gain privileged status. For example, many vendors ship systems with a decode alias in the /etc/mail/aliases
file. The intention is to provide an easy way for users to transfer binary files using mail. At the sending site the user converts the binary to ASCII with uuencode, then mails the result to the decode
alias at the receiving site. That alias pipes the mail message through the /usr/bin/uuencode program, which converts the ASCII back into the original binary file.

Remove the decode alias line from your /etc/mail/aliases file. Similarly, every alias that executes a program that you did not place there yourself and check completely should be
questioned and probably removed.
Edit the aliases file vi/etc/mail/aliases and remove the following lines:

You need to prevent your Sendmail being abused by unauthorized users, Sendmail now includes powerful Anti-Spam features, which can help prevent your mail server from being abused by unauthorized users. To do
this, make a change to the configuration file to block off spammers. Edit the sendmail.cf file, vi/etc/mail/sendmail.cf and change the line:

O PrivacyOptions=authwarnings

To read:

O PrivacyOptions=authwarnings,goaway

Setting the goaway option causes Sendmail to disallow all SMTPEXPN commands, it also causes it to reject all SMTPVERB commands and to
disallow all SMTPVRFY commands. These changes prevent spammers from using the EXPN and VRFY commands in Sendmail.

You have to restrict who can examine the queues contents, ordinarily, anyone may examine the mail queue's contents by using the mailq command. To restrict who may examine the queues contents, you
must specify the restrictmailq option in the /etc/mail/sendmail.cf file. With this option, Sendmail allows only users who are in the same group as the group ownership of the queue
directory root to examine the contents. This allows the queue directory to be fully protected with mode 0700, while selected users are still able to see the contents.

Edit the sendmail.cf file, vi/etc/mail/sendmail.cf and change the line:

O PrivacyOptions=authwarnings,goaway

To read:

O PrivacyOptions=authwarnings,goaway,restrictmailq

Now we change the mode of our queue directory to be fully protected:

[root@deep] /# chmod 0700 /var/spool/mqueue

Now re-start the sendmail process manually for the change to take effect:

[root@deep] /# /etc/rc.d/init.d/sendmail restart

Shutting down sendmail: [ OK ]
Starting sendmail: [ OK ]

:
We have already added the goaway option to the line PrivacyOptions= in sendmail.cf file. Now we can just add the restrictmailq option to this line.

Any non-privileged user who attempts to examine the mail queue content will get this message: